Cyberespionage, Incident response, Malware, TDR

For 10 years, cyberespionage group ‘APT 30’ targeted SE Asia, India

Danielle WalkerApril 13, 2015

FireEye has revealed a years-long cyberespionage operation targeting organizations in Southeast Asia and India.

The threat group, dubbed “APT 30,” took “special interest in political developments” in those regions, and used modularized malware – including tools called, BACKSPACE, SHIPSHAPE, SPACESHIP and FLASHFLOOD – so that various modules could be loaded to “create a wide range of variants as they were needed” against specific targets, FireEye said in Sunday blog post.

Journalists and media organizations that focused on related political issues were also targeted in the 10-year campaign, which dates back to 2004, researchers revealed. In a detailed report on APT 30, FireEye noted that malware used by the group, believed to be sponsored by the Chinese government, was also capable of stealing data from air-gapped networks.

Danielle Walker

The Kaspersky booth is seen on June 28, 2021, at Mobile World Congress in Barcelona. (Eugene Kaspersky, CC BY-NC-SA 2.0)

Network security

Italian public sector to replace Kaspersky products

Stephen WeigandMarch 22, 2022

Italy's public sector must replace antivirus software by Russian-based Kaspersky, the Reuters news service reported Friday.

Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks during the daily press briefing at the White House on February 17, 2021. As policymakers dissect options to combat ransomware, Neuberger could be among the primary voices at the White House. (Photo by Drew Angerer/Getty Images)

Cyberespionage

White House: Intelligence shows Russia is exploring potential cyberattacks against US

Joe UchillMarch 21, 2022

Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger described the intelligence as "fragmentary" information regarding preparatory work for a cyberattack and said that the government alerted potentially impacted sectors in classified briefings.

Ukrainian serviceman walks by a Russian armored personnel carrier which the Ukrainian Army hit the night before on March 10 near Brovary, Ukraine.
Today’s columnist, Richard Luna of Protected Harbor, offers seven practical security tips for companies looking to protect themselves against the growing threat of Russian cyberattacks. (Photo by Anastas...

Cyberespionage

Seven ways U.S. businesses can protect themselves from Russian cyberattacks

Richard Luna March 17, 2022

Here are seven practical steps companies can take to protect their organizations from Russian cyberattacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

For 10 years, cyberespionage group ‘APT 30’ targeted SE Asia, India

Related

Italian public sector to replace Kaspersky products

White House: Intelligence shows Russia is exploring potential cyberattacks against US

Seven ways U.S. businesses can protect themselves from Russian cyberattacks

Get daily email updates